[strongSwan-dev] [PATCH] vici: Report mobike status in list-sas command
Olivier Matz
olivier.matz at 6wind.com
Wed May 29 10:48:41 CEST 2019
Hi Tobias,
On Wed, May 29, 2019 at 09:44:09AM +0200, Tobias Brunner wrote:
> Hi Olivier,
>
> > Our management tool provides a NETCONF API for configuration and for
> > operational state. MOBIKE can be enabled or disabled in configuration.
> > The value of providing this information in operational state is to known
> > whether the configuration is properly applied.
> >
> > The "list-sa" request already provides many information, so I thought it
> > was the proper place to add one more, that could be useful for others
> > (at least it is useful for us).
>
> I guess we could add it, but I'm not sure if it really is that useful
> for users. MOBIKE is generally only a concern for them if they have to
> disable it for some reason or other (e.g. interoperability or specific
> network requirements), in which case a status flag is useless (unless
> there are doubts that the configuration is applied properly). And if
> the option is enabled, it simply reflects the ability and/or config of
> the peer, in which case the user can't do much about it (most mobile
> clients will have it enabled and won't even provide an option to disable
> it, and why would they).
Some more precisions about the use case: it is not a mobile client, and
that's why we usually disable MOBIKE. If it is not required, we prefer
to disable the feature. We use MOBIKE on a device that has several
connections to the Internet (one main and several backups).
> Or is the goal that the user can check the
> status and then go to the peer's admin and complain that MOBIKE is not
> enabled?
That was not the intention... but yes :) More seriously, this
information can be useful for troubleshooting.
Anyway, I think I understand your concern, so please do as you see fit.
Thanks,
Olivier
More information about the Dev
mailing list